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METHOD AND SYSTEM FOR IDENTIFICATION IN A TELECOMMONl- 
CATION SYSTEM 

FIELD OF THE INVENTION 

The present invention relates to telecommiini- 
5 cation systems. In particular, the invention concerns 
a method and system for user identification and ascer- 
tainment of the authenticity of parties in a telecom- 
munication system. 

10 BACKGROUND OF THE INVENTION 

A telecommunication network, e.g. a telephone 
network, consists of a plurality of separate compo- 
nents interconnected via transmission lines. One of 
such components is a telephone exchange, which is e.g. 

15 a DX200 manufactured by the applicant. The telephone 
network is managed and maintained via an operation and 
maintenance network (O&M-network) , which can be imple- 
mented e.g. on the basis of the services of an X.25 
packet network. The operation and maintenance network 

20 is formed by connecting to it the telephone exchanges 
and other network components to be controlled. Other 
network components to be controlled are e.g. a 
transcoder (TC) , a base transceiver station (BTS) and 
a base station controller (BSC) . 

25 From telephone network elements connected to 

the operation and maintenance network, it is possible 
to establish remote sessions to other telephone ex- 
changes or network elements cormected to the operation 
and maintenance network. When a remote session is be- 

30 ing set up from a source system to a target system, 
user-specific data is sent to the target system for 
user identification. The source and target systems are 
e.g. telephone exchanges. The user- specif ic data in- 
cludes e.g. a user identifier and a password associ- 

35 ated with it. A password that is frequently sent is 
encrypted using a suitable encryption algorithm to 
prevent encroachments. The encryption algorithm is 
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e.g. a so-called one-way algorithm. This means that it 
is not possible to deduce or construct the original 
input data from the result of encryption • Two-way al- 
gorithm means that the result of encryption can be de- 
5 crypted into plain information. Decryption is gener- 
ally performed using the same algorithm that was used 
for encryption. For decryption, either the same or a 
different encryption key may be used than for encryp- 
tion. The former method is called symmetric encryption 

10 and the latter asymmetric encryption. 

The use of encryption algorithms does improve 
security, but it does not eliminate all problems re- 
lated to security • In some cases it is possible for an 
outside party to monitor a line that carries messages 

15 associated with a remote session. In such a case^ the 
outside party may be able to capture the initial mes- 
sages used in the remote session and simulate the ini- 
tiation of a remote session using an encrypted pass- 
word and an appropriate user identifier. 

20 In the above-mentioned situations, the prob- 

lem is how to identify the user with certainty. A fur- 
ther problem is that the source and target systems in- 
volved in the remote session cannot be certain about 
each other's authenticity. 

25 The object of the present invention is to 

eliminate the drawbacks referred to above or at least 
to significantly alleviate them. A specific object of 
the invention is to disclose a new type of method that 
will enable reliable user identification in a target 

30 system and ascertainment of the authenticity of the 
systems involved in a remote session. 

As for the features characteristic of the 
present invention, reference is made to the claims. 

35 BRIEF DESCRIPTION OF THE INVENTION 

The method of the invention concerns user 
identification and ascertainment of the authenticity 
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of parties in a telecoramionication system. The telecom- 
munication system of the invention comprises a tele* 
comm\inication network and source and target systems 
connected to it. 
5 In the method, the user identifiers and the 

associated passwords are stored in the source and tar- 
get systems. Further, the user logs on into the source 
system by entering a user identifier and a password 
corresponding to it. The user is identified in the 

10 source system on the basis of the user identifier and 
password. Further, a remote session is set up from the 
source system to the target system. 

According to the invention, identical, in- 
dexed encryption keys are generated in the source and 

15 target systems. The encryption keys may also be gener- 
ated using a predetermined encryption algorithm e.g. 
on the basis of the index. The source and target sys- 
tems may also contain a special encryption key list or 
file containing a plurality of encryption keys. In the 

20 initial stage of the establishment of a session, the 
password associated with the user identifier is en- 
crypted in the source system using a password indi- 
cated by a first index, and the encrypted information 
as well as the first index and the user identifier are 

25 sent to the target system. Thus, the index and the 
user identifier need not necessarily be transmitted in 
an encrypted form between the systems. The index and 
the user identifier can be sent in an unprotected 'form 
because their publicity does not impair the security 

30 of the system as the encryption key corresponding to 
the index cannot be determined on the basis of the in- 
dex. The index and user identifier may also be sent in 
an encrypted form, in which case they are encrypted 
using e.g. a two-way encryption algorithm. The source 

35 system may also send to the target system separate 
identification data, which is encrypted and sent to 
the target system simultaneously with the user data in 
accordance with the procedure described above. The 
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identification data can also be transmitted between 
the source and target systems independently, apart 
from the user data at a different time. 

The first index preferably consists of a num- 
5 ber or item pointing at a given encryption key. The 
index can be selected on a random basis or it may be 
generated on the basis of a predetermined algorithm. 
This algorithm may be a secret one and only known to 
the source and target systems. The identification data 
10 consists of e.g. time data and/or data individualizing 
the source system. The time data is obtained e.g. from 
the system clock and the identifier individualizing 
the system is obtained e.g. from the configuration 
files. 

15 The target system receives the message sent 

by the source system, preferably comprising an en- 
crypted password, a user identifier, an index and pos- 
sibly identification data. In the target system, the 
password corresponding to the user identifier in ques- 

20 tion is looked up in a password register and the pass- 
word associated with the user identifier is encrypted 
using an encryption key indicated by the index. The 
password associated with the user identifier has been 
stored in the user data in the target system. The tar- 

25 get system compares the password received password and 
the password it has just encrypted. If the encrypted 
passwords thus compared are not coincident, then the 
setup of the remote session can be prevented. 

After this, at a second stage, the target 

30 system encrypts the password associated with the user 
identifier received from the source system and possi- 
bly the identification data using an encryption key 
indicated by a second index. The encrypted information 
and the second index are sent back to the source sys- 

35 tem, where the encrypted password initially sent to 
the target system is encrypted again using a password 
indicated by the. second index just received from the 
target system. The result thus obtained is compared 
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with the encrypted password received from the target 
system. If the passwords compared are not coincident, 
then the setup of the remote session can be prevented. 

If identification data is used between the 
5 source and target systems, then the identification 
data initially sent to the target system and encrypted 
using the encryption key indicated by the first index 
is encrypted again in the source system using a pass- 
word indicated by the second index received from the 
10 target system. In the source system, the identifica- 
tion data just encrypted is compared with the en- 
::j crypted identification data received from the target 

system. If the identification data items thus compared 
are not coincident, then the setup of the remote ses- 
'-=J 15 sion can be prevented. By using identification data, 

the source system can ascertain the authenticity of 
F" the target system. This is possible because the source 

system can send the initially encrypted identification 
data to the target system. If the target system is 
r 20 authentic, then it will send back to the source system 

^1= the same identification data encrypted with a new 

password. Since the source system at the same time re- 
ceives from the target system a second index pointing 
at a given encryption key, the source system is able 
25 to confirm the coincidence of the identification data 
items via a comparison, thereby gaining a certainty 
about the authenticity of the target system. It is to 
be understood that the identification data need not 
necessarily be transmitted simultaneously with the 
30 user data; instead, it can be transmitted separately 
* at a suitable time. 

If the results of the above-mentioned com- 
I . parisons are coincident, then the remote session can 

be set up. 

35 In an embodiment of the invention, a one-way 

encryption algorithm is used for the encryption of in- 
formation in the source and target systems. Examples 



wo 01/15376 



6 



PCT/nOO/00699 



Of such algorithms are MD5 (MD5, Message Digest 5) and 
SHA {SBA, Secure Hash Algorithm) * 

In an embodiment of the invention, the tele- 
communication system is a telephone exchange system, 
5 In an embodiment of the invention, the source 

system and/or target system are telephone exchanges. 

In an embodiment of the invention, the tele- 
communication network is an operation and maintenance 
network . 

10 The system of the present invention comprises 

means for creating identical indexed encryption keys 
in the source system and in the target system, means 
for encrypting information in the source and target 
systems using an encryption key indicated by the in- 

15 dex, and means for transmitting information between 
the source and target systems. Moreover, the system 
comprises means for performing a comparison in the 
source and target systems and means for approving 
setup of a remote session. 

20 . In an embodiment of the invention, the system 

comprises means for preventing the setup of a remote 
session. In another embodiment, the system comprises 
means for generating identification data and for add- 
ing time data and/or data individualizing the source 

25 system to the identification data. 

In an embodiment of the invention, the system 
comprises an encryption key list for the storage of 
encryption keys. 

In an embodiment of the invention, the system 

30 comprises means for generating an index on a random 
basis or on the basis of a predetermined algorithm. 

The invention provides the advantage that the 
encryption keys themselves are not transmitted between 
the systems at all . The invention makes it possible to 

35 identify the user in the target system with a cer- 
tainty and at the same time to ascertain the authen- 
ticity of the systems involved in a remote session. 
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LIST OP ILLUSTRATIONS 

In the following, the invention will be de- 
scribed in detail by the aid of a few examples of its 
embodiments , wherein 
5 Fig. 1 presents a preferred system in which 

the method of the invention can be implemented. 

Fig. 2 presents a program block according to 
the invention, connected to a telephone exchange, and 
Fig*. 3 presents a preferred example of a flow 
10 diagram according to the invention. 



DETAILED DESCRIPTION OF THE INVENTION 

The system illustrated in Fig. 1 coiT5)rises an 
operation and maintenance network CM, a source system 

15 LEI, a target system LE2 and a workstation TE. The 
source system LEI and the target system LE2 are pref- 
erably telephone exchanges. The telephone exchange is 
e.g. a DX200 manufactured by the applicant. The work- 
station TE is connected to the source system LEI, and 

20 it is possible to set up remote sessions from the 
workstation via the source system to the target system 
LE2 . A remote session is established via the operation 
and maintenance network OM. The workstation may be an 
ordinary PC computer or equivalent, comprising a dis- 

25 play and a keyboard by means of which the user can in- 
teractively transmit information with the operation 
and maintenance network OM. 

In addition, each exchange comprises a pro- 
gram block PB, which is a certain aggregate of soft- 

30 ware and peripherals in the DX200 switching center 
that the operator can use to execute operation control 
fiinctions in the operation and maintenance network OM. 
In practice, the program block PB is an interface be- 
tween the user and the machine or telephone exchange, 

35 allowing the user to connect to the system and give it 
commands. A more detailed description of this block 
will be given in conjunction with Fig. 2. The system 
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presented in Fig. 1 is a preferred example of a possi- 
ble system in which the method of the invention can be 
itt^jlemented. 

Fig. 2 present's a more detailed illustration 
5 of the structure and operation of the program block 
PB. The program block may comprise other components in 
addition to those shown in Fig, 2. The program block 
comprises an operation control block MMSSEB (Man Ma- 
chine Interface System Service Block) , The operation 

10 control block is connected to an input and output 
service block 20, which provides input and output sys- 
tem services to the other operation control blocks. 
Via block 20, the operation control block is connected 
to external peripherals, such as a display, a key- 

15 board, a printer and a storage device. The operation 
control block is also connected to a communication 
block 23 and a security operations block 25. 

In addition, the operation control block 
MMSSEB, shown in Fig. 2, comprises a target selection 

20 block 21, which is used to select the system to which 
the user wishes to set up a session. In practice, the 
system may be the local system, i.e. the source system 
to which the user's workstation is connected, or it 
may be a remote system, i.e. a target system to which 

25 a connection is established via the operation and 
maintenance network. 

The user's session is controlled by a session 
control block 22, which communicates with the target 
selection block 21, the communication block 23 and the 

30 user control block 24. The session control block con- 
trols the session on the basis of commands given by 
the user. The user control block provides user identi- 
fication and authority verification services, among 
other things. Via the communication block, the opera- 

35 tion control block MMSSEB establishes remote connec- 
tions to the operation control blocks in other sys- 
tems, e.g. telephone exchanges, as directed by the 
target selection block. In practice, the communication 
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block acts as an interface and a buffer between the 
source and target systems. 

The communication block 23 comprises a pro- 
gram block 3 which is used to transmit information be- 
5 tween different program blocks or systems. The session 
control block 22 comprises means 7 for generating 
identification data and for adding time data to the 
identification data. Means 7 consist of e,g, a program 
block that is able to determine the time data and make 

10 it part of the identification data. The identification 
data can be utilized in the identification of the par- 
ties between which information is to be transmitted. 
The time data is determined e.g. from the clock of the 
larger system comprising the operation control block 

15 MMSSEB. The session control block additionally com- 
prises a program block 9 which is used to generate an 
index on a random basis or on the basis of a predeter- 
mined algorithm. The index is e.g. a numeric value re- 
ferring to a given encryption key. 

20 The user control block 24 and the session 

control block 22 further communicate with a system 
file block or database 26 storing the user data as 
well as the passwords, among other things. A possible 
encryption key list 8 used in conjunction with the en- 

25 cryption of information is stored e.g. in the data- 
base. The encryption key list conqprises one or more 
encryption keys. Furthermore, the database may contain 
data indicating the manner in which encryption keys 
included in the encryption key list are generated. One 

30 of the functions of the session control block is to 
create indexes pointing at encryption keys included in 
the encryption key list. The indexes are generated 
e.g. on a random basis or on the basis of a given al- 
gorithm. The session control block additionally commu- 

35 nicates with the security operations block 25. The se- 
curity operations block contains the encryption algo- 
rithms needed for encryption and it performs the en- 
cryption of information upon request. An example of 
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encryption algorithms applicable is the MD5. The en- 
cryption key list possibly associated with the encryp- 
tion of information may alternatively be located in 
the security operations block. 
5 The security operations block 25 comprises a 

program block 1 used to generate encryption keys. This 
program block 1 is e.g. a block containing an encryp- 
tion algorithm. Program block 1 may comprise a given 
predetermined algorithm which produces encryption keys 
10 needed in the system. The security operations block 
also comprises a program block 2 which is used to en- 
crypt information intended to be encrypted. Program 
blocks 1 and 2 together may form a larger program 
block. 

15 The user control block 24 comprises a program 

block 4 which performs comparisons. The parties to be 
conpared are e.g. encrypted passwords associated with 
a user identifier. The user control block further com- 
prises a program block 5 which is used to approve a 

20 remote session to be set up. Moreover, the user con- 
trol block comprises a program block 6 used to prevent 
the setup of a remote session. The setup of a remote 
session is prevented e.g* when program block 4 pro- 
duces a negative comparison result. Together, program 

25 blocks 5 and 6 may form a larger program block. 

Program block 27 means e.g. a program block 
PB or operation control block MMSSEB located in an- 
other system. 

Fig. 3 presents a flow diagram representing a 

30 preferred example of a procedure according to the in- 
vention. According to block 30, an index is generated 
or selected. The index may be a random number within a 
given range or it may be generated using e.g. a secret 
algorithm. An index to be generated is subject to the 

35 requirement that it should point at an encryption key 
existing in the source and target systems. The encryp- 
tion key is located e.g. on a special encryption key 
list. The user identifiers and the associated pass- 
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words have been stored in both the source system and 
the target system. In addition^ in this example, an 
identical encryption key list has been stored in both 
systems. It is to be noted that an encaryption key list 
5 need not necessarily be formed; instead, the encryp- 
tion keys can be produced in other ways. According to 
block 31, the password associated with the user iden- 
tifier is encrypted using the encryption key on the 
encryption key list that is indicated by the first in- 

10 dex just generated. The encryption algorithm used is 
preferably a so-called one-way algorithm. An example 
of such algorithms is MD5 . One-way algorithm means 
that the original input data cannot be deduced or con- 
structed from the result of encryption. 

15 To allow the systems to make sure of each 

other' s authenticity, separate identification data is 
generated and encrypted using the same encryption key 
indicated by the first index, block 32 . Identification 
data means e.g. time data obtained from the system 

20 clock. The essential point is that the identification 
data is of a changeable nature. The use of identifica- 
tion data is not obligatory, but in this example it is 
used. In this example, the identification data is sent 
together with the user data. Another possibility is to 

25 send the identification data separately from the user 
data at a suitable different time. According to block 
33, the index and the encrypted identification data 
are stored in the source system for later use. The 
source system sends the user identifier, the first in- 

30 dex, the encrypted identification data and password to 
the target system, block 34. As the password in this 
example has originally been saved in an encrypted form 
in the source and target systems, it has by now been 
encrypted twice using different keys. The index and 

35 the user identifier can be sent in an unencrypted form 
because their publicity does not impair the security 
of the system as the encryption key on the encryption 



wo 01/15376 



12 



PCT/nOO/00699 



key list corresponding to the index is stored in a 
protected file in the telephone exchange. 

The target system receives the data transmit- » 
ted and searches its own files to find the password 
5 corresponding to the user identifier, block 35. In 
other words, the password received is not processed in 
any way at this point. Having found the password in 
the file, the target system encrypts it using the en- 
cryption key indicated by the first index defined in 

10 the message received, block 36. As stated before, both 
the source system and the target system may contain 
identical encryption key lists. It is also possible 
that the source and target systems have no actual en- 
cryption key lists at all. In this case, the source 

15 and target systems contain identical means for the 
generation of encryption keys . ' Identical means ' here 
means e.g. that the source and target systems contain 
the same algorithm which can be used to generate en- 
cryption keys. 

20 After this, the password received from the 

source system and the password just generated are com- 
pared with each other, block 37, and if the passwords 
match, then the procedure will go on to block 38. In 
block 38, a new, second index is selected or gener- 

25 ated. The doxible- encrypted password received from the 
source system is now encrypted for a third time using 
the encryption key indicated by the second index, 
block 39. At the same time, the received identifica- 
tion data, which has already been encrypted once, is 

30 encrypted again using the encryption key indicated by 
the second index. After this, the target system sends 
the second index, the double -encrypted identification 
data and the triple -encrypted password back to the 
source system, block 40. 

35 The source system receives the data sent by 

the target system, whereupon it encrypts the password 
and identification data initially sent to the target 
system, using the encryption key indicated by the sec- 
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ond index. Thus, the password has now been encrypted 
three times, block 41. The encryption key correspond- 
ing to the second index can be found e.g. in an en- 
cryption key list. The triple-encrypted password thus 
5 obtained is compared with the likewise triple- 
encrypted password received from the target system, 
block 42. If the passwords coincide, then the user has 
been identified with certainty. 

According to block 43, the identification 

10 data initially encrypted using the encryption key in- 
dicated by the first index and included in the encryp- 
tion key list is encrypted again in the source system 
using the encryption key on the enciryption key list 
indicated by the received second index. After this,. 

15 the result is compared with the double -encrypted iden- 
tification data received from the target system, block 
44. If these identification data do not differ from 
each other, then it has been established with cer- 
tainty that the target system is the system it was 

20 supposed to be. 

The above -described operations regarding the 
transmission and encryption of the identification data 
ensure that the first message sent by the source sys- 
tem to the target system has not been captured by any 

25 outside user. Thus, the use of identification data 
makes it impossible for an outside party to falsely 
act as the target system in relation to the source 
system - 

The invention is not restricted to the exam- 
30 pies of its embodiments described above; instead, many 
variations are possible within the scope of the inven- 
tive idea defined in the claims. 



